Tcpdump
by Red Hat
CVEs (6)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-8768 | 0.06 | — | 0.34 | Nov 20, 2014 | Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame. | ||
| CVE-2003-0989 | 0.02 | — | 0.20 | Feb 17, 2004 | tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057. | ||
| CVE-2014-8767 | 0.01 | — | 0.07 | Nov 20, 2014 | Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame. | ||
| CVE-2014-9140 | 0.00 | — | 0.06 | Dec 5, 2014 | Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet. | ||
| CVE-2014-8769 | 0.00 | — | 0.03 | Nov 20, 2014 | tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access. | ||
| CVE-2003-0194 | 0.00 | — | 0.00 | Jun 9, 2003 | tcpdump does not properly drop privileges to the pcap user when starting up. |